CVE-2026-3324
published 2026-04-16CVE-2026-3324: Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration.
PriorityP358high8.2CVSS 3.1
AVNACLPRNUINSUCHILAN
EPSS
1.32%
67.3th percentile
Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zohocorp | manageengine_log360 | 13000 – 13013 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6q34-632f-jr72: Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configurat
ghsa_unreviewed·2026-04-16
CVE-2026-3324 [HIGH] CWE-288 GHSA-6q34-632f-jr72: Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configurat
Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration.
VulDB
Zoho ManageEngine Log360 up to 13013 Filter Configuration authentication bypass (EUVD-2026-23247)
vuldb·2026-04-16·CVSS 8.2
CVE-2026-3324 [HIGH] Zoho ManageEngine Log360 up to 13013 Filter Configuration authentication bypass (EUVD-2026-23247)
A vulnerability classified as critical has been found in Zoho ManageEngine Log360 up to 13013. This affects an unknown function of the component Filter Configuration Handler. This manipulation causes authentication bypass using alternate channel.
This vulnerability is tracked as CVE-2026-3324. The attack is possible to be carried out remotely. No exploit exists.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-04-16
Published